[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flqfOg4uPOP8Egm83E3edl4wp4lZso_yJG2-D7UoLoLs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":55,"analysis":153,"fingerprints":226},"wf-cookie-consent","WF Cookie Consent","1.2.0","wunderfarm","https:\u002F\u002Fprofiles.wordpress.org\u002Fwunderfarm\u002F","\u003Cp>WF Cookie Consent shows the user a clear message that the site uses cookies.\u003Cbr \u002F>\nThis plugin supports multi-language installations with the polylang-plugin from Chouby or WPML-plugin from wpml.org. It has a wide array of settings for controlling the style and contents.\u003Cbr \u002F>\nWF Cookie Consent is the “wunderfarm-way” to show how your website complies with the EU Cookie Law.\u003C\u002Fp>\n","The wunderfarm-way to show how your website complies with the EU Cookie Law - very easy, 100% responsive and with multi-language support!",10000,726358,100,27,"2024-06-11T08:47:00.000Z","6.5.8","3.0.1","",[20,21,22,23,24],"compliance","cookie-law","cookiebar","cookielaw","cookies","http:\u002F\u002Fwww.wunderfarm.com\u002Fplugins\u002Fwf-cookie-consent","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwf-cookie-consent.1.2.0.zip",92,1,0,"2018-05-01 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2018-10371","wf-cookie-consent-cross-site-scripting","WF Cookie Consent \u003C= 1.1.3 - Cross-Site Scripting","An issue was discovered in the wunderfarm WF Cookie Consent plugin 1.1.3 for WordPress. A persistent cross-site scripting vulnerability has been identified in the web interface of the plugin that allows the execution of arbitrary HTML\u002Fscript code to be executed in a victim's web browser via a page title.",null,"\u003C1.1.4","1.1.4","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F00fa2ca1-a1bd-4b58-ae64-1b61534c1e3d?source=api-prod",2093,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":48,"trust_score":53,"computed_at":54},3,11010,90,72,"2026-04-04T15:34:23.206Z",[56,79,96,116,136],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":76,"download_link":77,"security_score":78,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"ilmenite-cookie-consent","Ilmenite Cookie Consent","3.3.0","Erik Bernskiold","https:\u002F\u002Fprofiles.wordpress.org\u002Ferik-bernskiold\u002F","\u003Cp>There are many WordPress plugins out there which does a lot of fancy things with the cookie consent. We didn’t find one we really liked that was really lightweight and developer friendly and so we created our own.\u003C\u002Fp>\n\u003Cp>It isn’t meant for the masses who want tons of configurable options in the admin (although it will work and look fine out of the box). Many use this plugin with the default styling because it is so light-weight and good-looking.\u003C\u002Fp>\n\u003Cp>For the developer who wants the functionality and being able to conveniently override the styles in the theme without bloat—here’s a plugin for you. You have filters and actions available to you at every step of the process.\u003C\u002Fp>\n\u003Cp>See the installation section for more information on how to install. The FAQ section has important information on how to customize the plugin.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Included in the package are complete translations for the following languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lithuanian (Thanks @batiufa)\u003C\u002Fli>\n\u003Cli>Swedish\u003C\u002Fli>\n\u003Cli>Occitan (Thanks Mejans)\u003C\u002Fli>\n\u003Cli>Norwegian\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>Hungarian\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>Slovenian\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A complete \u003Cem>.pot\u003C\u002Fem> file is available in the \u003Cem>translations\u002F\u003C\u002Fem> directory. If you use and translate this little plugin, please send us the translation so it can be included!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Even better\u003C\u002Fstrong> is if you use Translate.WordPress.org for your translations. That way, they will be automatically distributed with the WordPress updater.\u003Cbr \u002F>\nHowever, in some locales, the work with the Translate site is not up to speed. We will continue to support included translations for a while.\u003C\u002Fp>\n","A simple, developer-friendly WordPress plugin with minimum bloat that lets visitors know that the site is using cookies.",2000,39324,9,"2024-02-04T13:44:00.000Z","6.4.8","5.0","7.2",[72,73,74,24,75],"cookie-banner","cookie-compliance","cookie-notice","eu-cookie-law","https:\u002F\u002Fgithub.com\u002Fbernskioldmedia\u002FIlmenite-Cookie-Consent","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Filmenite-cookie-consent.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":13,"downloaded":87,"rating":29,"num_ratings":29,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":94,"download_link":95,"security_score":78,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-gdpr-cookie-consent","WP GDPR Cookie Consent","1.0.0","Shahjahan Jewel","https:\u002F\u002Fprofiles.wordpress.org\u002Ftechjewel\u002F","\u003Ch3>What WordPress GDPR Cookie Consent Plugin Do?\u003C\u002Fh3>\n\u003Cp>WP GDPR Cookie Cookie Consent is a WordPress plugin which will do the followings:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A highly customizable consent builder to build your cookie conset banner from backend and you can control where the content banner will show. You can show your consent banner at the top, bottom, left-bottom or right bottom.\u003C\u002Fli>\n\u003Cli>You can fully customize the colors, texts, Button color, button texts etc.\u003C\u002Fli>\n\u003Cli>You can set how many days the cookie will be saved for accept and for decline.\u003C\u002Fli>\n\u003Cli>Users can easily click “Accept” button to provide consent.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why This Plugin is better than other plugins?\u003C\u002Fh3>\n\u003Cp>There has many other plugins who do the same job. The reason, I build this plugin because. Almost all of them failed to build this simple cookie consent in terms of simplicity, performance and page speed effect. For an example, most of the plugins load multiple js and css file for every page load. It does not matter if the user accepted or not. Some plugin send “Ajax Requests” for every page load which is expensive for your server and overall site perfomance.\u003Cbr \u002F>\nThe aim of this plugin is to do this job correctly. It does not make any sence, why those plugins load their assets once user provide consent because after consent those plugins don’t have anything to do.\u003C\u002Fp>\n\u003Ch4>Here what I have improved in this plugin and I can say better than other cookie plugin.\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>This plugin load only one js file ( 1KB Size ) and no css file will be loaded.\u003C\u002Fli>\n\u003Cli>If a user provide a consent then, No JS file will be loaded for that user.\u003C\u002Fli>\n\u003Cli>That’s it. This plugin will not make your site slower like other plugins.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Switch Existing Cookie Plugin with WP GDPR Consent Plugin\u003C\u002Fh3>\n\u003Cp>I used few different cookie consent plugin for my sites and it’s hard to switch cookie plugin because then all users have to consent again and I see that’s a problem.\u003Cbr \u002F>\nI have solved this problem in this plugin. If you use one of the plugins as listed bellow then then this plugin will read cookie added by your existing plugin and will not show consent because those users already gave consent.\u003Cbr \u002F>\nIf you are using the following plugins for cookie consent then you can just switch with this plugin without any issue for your existing users:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>GDPR Cookie Consent By WebToffee\u003C\u002Fli>\n\u003Cli>Cookie Notice for GDPR By dFactory\u003C\u002Fli>\n\u003Cli>GDPR Cookie Compliance By Moove Agency\u003C\u002Fli>\n\u003Cli>Cookie Consent By Catapult_Themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you are using other plugins and want to move to this plugin just open a ticket with your currently using plugin name and we will add feature for that.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once Install and Activate go to Tools -> WP GDPR Consent and configure your settings. That’s it. All your users will see the consent.\u003C\u002Fp>\n\u003Ch3>Awesome Support\u003C\u002Fh3>\n\u003Cp>Get dedicated support from our awesome happiness managers and developers and Yes! It’s completely free.\u003C\u002Fp>\n\u003Cp>So, give this plugin a try and check the awesome powerful features and table styles, Let us know what you loved and what else you need more.\u003C\u002Fp>\n","The Most Light-Weight, Simple and Complete GDPR Cookie Consent WP Plugin.",2946,"2018-09-28T14:23:00.000Z","4.9.29","4.5",[73,21,24,92,93],"gdpr","regulations","https:\u002F\u002Fgithub.com\u002FWPManageNinja\u002Fwp-gdpr-cookie-consent","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-gdpr-cookie-consent.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":13,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":69,"requires_php":109,"tags":110,"homepage":114,"download_link":115,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-consent-api","WP Consent API","2.0.1","Rogier Lankhorst","https:\u002F\u002Fprofiles.wordpress.org\u002Frogierlankhorst\u002F","\u003Cp>WP Consent API is a plugin that standardizes the communication of accepted consent categories between plugins. It requires a cookie banner plugin and, at least, one other plugin that supports the WP Consent API.\u003C\u002Fp>\n\u003Cp>With this plugin, all supporting plugins can use the same set of methods to read and register the current consent category, allowing consent management plugins and other plugins to work together, improving compliance with privacy laws.\u003C\u002Fp>\n\u003Cp>WARNING: the plugin itself will not handle consent. It will show you how many plugins you have without Consent API support and will improve compliance on your site by ensuring smooth communication between cookie banner plugins and plugins that set cookies or track user data.\u003C\u002Fp>\n\u003Ch4>What problem does this plugin solve?\u003C\u002Fh4>\n\u003Cp>Currently, it is possible for a consent management plugin to block third-party services like Facebook, Google Maps, Twitter, etc. But if a WordPress plugin places a PHP cookie, a consent management plugin cannot prevent this.\u003C\u002Fp>\n\u003Cp>Secondly, some plugins integrate the tracking code on the clientside in javascript files that, when blocked, break the site.\u003C\u002Fp>\n\u003Cp>Or, if such a plugin’s javascript is minified, causing the URL to be unrecognizable and won’t get detected by an automatic blocking script.\u003C\u002Fp>\n\u003Cp>Lastly, the blocking approach requires a list of all types of URL’s that tracks data. A generic API where plugins adhere to can greatly\u003Cbr \u002F>\nfacilitate a webmaster in getting a site compliant.\u003C\u002Fp>\n\u003Ch4>Does usage of this API prevent third-party services from tracking user data?\u003C\u002Fh4>\n\u003Cp>Primary this API is aimed at compliant first-party cookies or tracking by WordPress plugins. If such a plugin triggers, for example, Facebook,\u003Cbr \u002F>\nusage of this API will be of help. If a user embeds a Facebook iframe, a blocking tool is needed that initially disables the iframe and or scripts.\u003C\u002Fp>\n\u003Cp>Third-party scripts have to blocked by blocking functionality in a consent management plugin. To do this in core would be to intrusive, and is also not applicable to all users: only users with visitors from opt-in regions such as the European Union require such a feature. Such a feature also has a risk of breaking things. Additionally, blocking these and showing a nice placeholder requires even more sophisticated code, all of which should in my opinion not be part of WordPress core, for the same reasons.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Cp>There are two indicators that together tell if consent is given for a specific consent category, e.g., “marketing”:\u003Cbr \u002F>\n1) the region based consent_type, which\u003Cbr \u002F>\ncan be opt-in, opt-out, or other possible consent_types;\u003Cbr \u002F>\n2) and the visitor’s choice: not set, allow, or deny.\u003C\u002Fp>\n\u003Cp>The consent_type is a function that wraps a filter, “wp_get_consent_type”. If there’s no consent management plugin to set it, it will return false. This will cause all consent categories to return true, allowing cookies to be set on all categories.\u003C\u002Fp>\n\u003Cp>If opt-in is set using this filter, a category will only return true if the value of the visitor’s choice is “allow”.\u003C\u002Fp>\n\u003Cp>If the region based consent_type is opt-out, it will return true if the visitor’s choice is not set or is “allow”.\u003C\u002Fp>\n\u003Cp>Clientside, a consent management plugin can dynamically manipulate the consent type and set several cookie categories.\u003C\u002Fp>\n\u003Cp>A plugin can use a hook to listen for changes or check the value of a given category.\u003C\u002Fp>\n\u003Cp>Categories and most other stuff can be extended with a filter.\u003C\u002Fp>\n\u003Ch3>Existing integrations\u003C\u002Fh3>\n\u003Cp>Categorized, and sorted alphabetically\u003C\u002Fp>\n\u003Ch4>Example plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frlankhorst\u002Fconsent-api-example-plugin\" rel=\"nofollow ugc\">Example plugin\u003C\u002Fa>. The plugin basically consists of a shortcode, with a div that shows a tracking or not tracking message. No actual tracking is done 🙂\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Consent Management Providers\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsirdata-cmp\u002F\" rel=\"ugc\">Abconsent Sirdata CMP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbeautiful-and-responsive-cookie-consent\u002F\" rel=\"ugc\">Beautiful Cookie Consent Banner\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclickio-consent\u002F\" rel=\"ugc\">Clickio Consent\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomplianz-gdpr\u002F\" rel=\"ugc\">Complianz GDPR\u002FCCPA\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fconsent.studio\u002F\" rel=\"nofollow ugc\">Consent Studio\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fconsent-manager\u002F\" rel=\"ugc\">consentmanager\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fconzent.net\u002F\" rel=\"nofollow ugc\">Conzent\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookiebot\u002F\" rel=\"ugc\">Cookiebot\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookiefirst-gdpr-cookie-consent-banner\u002F\" rel=\"ugc\">CookieFirst\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookiehub\u002F\" rel=\"ugc\">CookieHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookietractor\u002F\" rel=\"ugc\">CookieTractor\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookie-law-info\u002F\" rel=\"ugc\">CookieYes – Cookie Banner for Cookie Consent\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-cookie-compliance\u002F\" rel=\"ugc\">GDPR Cookie Compliance\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.webtoffee.com\u002Fproduct\u002Fgdpr-cookie-consent\u002F\" rel=\"nofollow ugc\">GDPR Cookie Consent Plugin – CCPA Ready\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetterms.io\u002Fconsent-manager\u002F\" rel=\"nofollow ugc\">GetTerms\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fiubenda-cookie-law-solution\u002F\" rel=\"ugc\">iubenda | All-in-one Compliance\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpressidium-cookie-consent\u002F\" rel=\"ugc\">Pressidium Cookie Consent\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftrustarc-cookie-consent-manager\u002F\" rel=\"ugc\">TrustArc Cookie Consent Manager\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Consent Requiring Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-to-any\u002F\" rel=\"ugc\">AddToAny\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.appfromlab.com\u002Fproduct\u002Fwoocommerce-utm-tracker-plugin\u002F\" rel=\"nofollow ugc\">AFL UTM Tracker Plugin\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fburst-statistics\u002F\" rel=\"ugc\">Burst Statistics\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgoogle-site-kit\u002F\" rel=\"ugc\">Google Site Kit\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-google-adwords-conversion-tracking-tag\u002F\" rel=\"ugc\">Pixel Manager for WooCommerce\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">Woo\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-statistics\u002F\" rel=\"ugc\">WP Statistics\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Demo site\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpconsentapi.org\u002F\" rel=\"nofollow ugc\">wpconsentapi.org\u003C\u002Fa>\u003Cbr \u002F>\nBelow are the plugins used to set up the demo site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Complianz\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frlankhorst\u002Fconsent-api-example-plugin\" rel=\"nofollow ugc\">The example plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>javascript, consent management plugin\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002Fset consent type\nwindow.wp_consent_type = 'optin'\n\n\u002F\u002Fdispatch event when consent type is defined. This is useful if the region is detected server side, so the consent type is defined later during the pageload\nlet event = new CustomEvent('wp_consent_type_defined');\ndocument.dispatchEvent( event );\n\n\n\u002F\u002Fconsent management plugin sets cookie when consent category value changes\nwp_set_consent('marketing', 'allow');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>javascript, tracking plugin\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002Flisten to consent change event\ndocument.addEventListener(\"wp_listen_for_consent_change\", function (e) {\n  var changedConsentCategory = e.detail;\n  for (var key in changedConsentCategory) {\n    if (changedConsentCategory.hasOwnProperty(key)) {\n      if (key === 'marketing' && changedConsentCategory[key] === 'allow') {\n        console.log(\"just given consent, track user\")\n      }\n    }\n  }\n});\n\n\u002F\u002Fbasic implementation of consent check:\nif (wp_has_consent('marketing')){\n  activateMarketing();\n  console.log(\"set marketing stuff now!\");\n} else {\n  console.log(\"No marketing stuff please!\");\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>PHP\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002Fdeclare compliance with consent level API\n$plugin = plugin_basename( __FILE__ );\nadd_filter( \"wp_consent_api_registered_{$plugin}\", '__return_true' );\n\n\u002F**\n* Example how a plugin can register cookies with the consent API\n * These cookies can then be shown on the front-end, to the user, with wp_get_cookie_info()\n *\u002F\n\nfunction my_wordpress_register_cookies(){\n    if ( function_exists( 'wp_add_cookie_info' ) ) {\n        wp_add_cookie_info( 'AMP_token', 'AMP', 'marketing', __( 'Session' ), __( 'Store a unique User ID.' ) );\n    }\n}\nadd_action('plugins_loaded', 'my_wordpress_register_cookies');\n\n\nif (wp_has_consent('marketing')){\n\u002F\u002Fdo marketing stuff\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Service-level consent\u003C\u002Fh4>\n\u003Cp>In addition to category-based consent, the API supports service-level consent control. This allows consent management plugins to grant or deny consent for specific services (like ‘google-analytics’ or ‘facebook-pixel’) independently from their category. When checking service consent with wp_has_service_consent(), the API first checks if explicit consent exists for that service. If no explicit consent is set, it falls back to the consent status of the service’s category. This enables fine-grained control: a user might accept statistics cookies in general, but explicitly deny a specific analytics service.\u003C\u002Fp>\n\u003Cp>Service consent can be checked and set both server-side (PHP) and client-side (JavaScript):\u003C\u002Fp>\n\u003Cp>PHP:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002Fcheck if a specific service has consent\nif ( wp_has_service_consent( 'google-analytics' ) ) {\n    \u002F\u002Factivate google analytics\n}\n\n\u002F\u002Fcheck if a service is explicitly denied\nif ( wp_is_service_denied( 'facebook-pixel' ) ) {\n    \u002F\u002Fservice was explicitly denied by user\n}\n\n\u002F\u002Fset service consent\nwp_set_service_consent( 'google-analytics', true ); \u002F\u002Fgrant consent\nwp_set_service_consent( 'facebook-pixel', false ); \u002F\u002Fdeny consent\n\n\u002F\u002Flisten for service consent changes\nadd_action( 'wp_consent_service_changed', function( $service, $consented ) {\n    error_log( \"Service {$service} consent changed to: \" . ( $consented ? 'granted' : 'denied' ) );\n}, 10, 2 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>JavaScript:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002Fcheck service consent\nif ( wp_has_service_consent( 'youtube' ) ) {\n    \u002F\u002Factivate tracking\n}\n\n\u002F\u002Fcheck if explicitly denied\nif ( wp_is_service_denied( 'facebook-pixel' ) ) {\n    \u002F\u002Fservice denied\n}\n\n\u002F\u002Fset service consent\nwp_set_service_consent( 'youtube', true );\n\n\u002F\u002Flisten for service consent changes\ndocument.addEventListener( 'wp_consent_api_status_change_service', function( e ) {\n    console.log( 'Service: ' + e.detail.service + ', consented: ' + e.detail.value );\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Any code suggestions? We’re on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002Fwp-consent-level-api\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> as well!\u003C\u002Fp>\n","Simple Consent API to read and register the current consent category.",200000,779186,2,"2026-03-12T09:27:00.000Z","6.9.4","7.4",[111,20,112,24,113],"api","consent","privacy","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-consent-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-consent-api.2.0.1.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":11,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":132,"download_link":133,"security_score":134,"vuln_count":106,"unpatched_count":29,"last_vuln_date":135,"fetched_at":31},"cookie-bar","Cookie Bar","2.2","Brontobytes","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrontobytes\u002F","\u003Cp>A simple, lightweight WordPress plugin for displaying a discreet notification bar that is dismissable and the dismissal is saved by cookie. Perfect for implementing the EU cookie law (GDPR)!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Cookie Bar plugin creates a small bar at the bottom of the website with a short customizable message about cookies and an accept button.\u003C\u002Fstrong> Once a visitor has accepted the Cookie Bar, it then disappears.\u003C\u002Fp>\n\u003Cp>Feel free to try out the plugin through our installation of \u003Ca href=\"https:\u002F\u002Fwww.brontobytes.com\u002Fblog\u002Fcookie-bar-free-wordpress-plugin\u002F\" rel=\"nofollow ugc\">Cookie Bar\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Troubleshooting: If you or your visitors are using an adblocker that can block cookie bars, the bar may not show up. Whitelist your website in your adblocker’s browser add-on\u002Fextension.\u003C\u002Fp>\n","Cookie Bar allows you to discreetly inform visitors that your website uses cookies.",170028,98,22,"2025-10-29T18:54:00.000Z","6.8.5","3.8",[112,131,117,73,24],"cookie","https:\u002F\u002Fwww.brontobytes.com\u002Fblog\u002Fcookie-bar-free-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-bar.2.2.zip",99,"2023-10-24 00:00:00",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":11,"downloaded":144,"rating":145,"num_ratings":146,"last_updated":147,"tested_up_to":108,"requires_at_least":148,"requires_php":148,"tags":149,"homepage":18,"download_link":151,"security_score":134,"vuln_count":28,"unpatched_count":29,"last_vuln_date":152,"fetched_at":31},"cookie-script-com","Cookie-Script.com","1.4.3","csarturas","https:\u002F\u002Fprofiles.wordpress.org\u002Fcsarturas\u002F","\u003Cp>\u003Cstrong>CookieScript\u003C\u002Fstrong> helps your WordPress site meet privacy requirements like \u003Cstrong>GDPR, CPRA, PIPEDA\u003C\u002Fstrong> and more. It adds a cookie banner to your site—no need to edit files or write any code yourself.\u003C\u002Fp>\n\u003Cp>You can use it right after installing, \u003Cstrong>even without a CookieScript account\u003C\u002Fstrong>. Later on, if you want to adjust how the banner looks or behaves, you can link an account to unlock more options.\u003C\u002Fp>\n\u003Cp>The plugin works with \u003Cstrong>Google Consent Mode v2\u003C\u002Fstrong> and the \u003Cstrong>WP Consent API\u003C\u002Fstrong>, and can \u003Cstrong>block third-party cookies\u003C\u002Fstrong> until a visitor gives permission. It keeps your site compliant without interfering with tools like Google Analytics or ads.\u003C\u002Fp>\n\u003Cp>More details are available at \u003Ca href=\"https:\u002F\u002Fcookie-script.com\u002F\" rel=\"nofollow ugc\">cookie-script.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin utilizes Cookie-Script.com services to function.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>1. Cookie-Script.com API\u003C\u002Fstrong>\u003Cbr \u002F>\n*   \u003Cstrong>Service:\u003C\u002Fstrong> Scans your website for cookies and retrieves configuration\u002Fstatus.\u003Cbr \u002F>\n*   \u003Cstrong>Data Sent:\u003C\u002Fstrong> Website URL, Privacy Policy URL, Language preference, and a unique scan identifier.\u003Cbr \u002F>\n*   \u003Cstrong>When:\u003C\u002Fstrong> During manual scan initiation via the plugin settings.\u003Cbr \u002F>\n*   \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fcookie-script.com\u002Flegal\u002Fprivacy-policy\u003Cbr \u002F>\n*   \u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fcookie-script.com\u002Flegal\u002Fterms-and-conditions\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Cookie-Script.com CDN\u003C\u002Fstrong>\u003Cbr \u002F>\n*   \u003Cstrong>Service:\u003C\u002Fstrong> Delivers the JavaScript file for the cookie banner (for “With Account” mode).\u003Cbr \u002F>\n*   \u003Cstrong>Data Sent:\u003C\u002Fstrong> Standard web request data (IP address, User Agent) when fetching the script.\u003Cbr \u002F>\n*   \u003Cstrong>When:\u003C\u002Fstrong> On every page load where the banner is active.\u003Cbr \u002F>\n*   \u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fcookie-script.com\u002Flegal\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>\u003C\u002Fh3>\n","Cookie-Script.com WordPress plugin.",109708,62,14,"2026-01-19T09:00:00.000Z","5.6",[20,112,131,150,92],"cookiescript","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-script-com.1.4.3.zip","2025-06-19 00:00:00",{"attackSurface":154,"codeSignals":182,"taintFlows":211,"riskAssessment":212,"analyzedAt":225},{"hooks":155,"ajaxHandlers":178,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":29,"unprotectedCount":29},[156,162,166,170,174],{"type":157,"name":158,"callback":159,"file":160,"line":161},"action","wp_enqueue_scripts","wf_cookieconsent_scripts","wf-cookie-consent.php",23,{"type":157,"name":163,"callback":164,"priority":13,"file":160,"line":165},"wp_footer","wf_cookieconsent_load",104,{"type":157,"name":167,"callback":168,"file":160,"line":169},"admin_menu","wf_cookieconsent_admin_add_page",124,{"type":157,"name":171,"callback":172,"file":160,"line":173},"admin_init","wf_cookieconsent_admin_init",216,{"type":157,"name":175,"callback":176,"file":160,"line":177},"admin_notices","wf_cookieconsent_admin_notice__iubenda",291,[],[],[],[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":210},[],{"prepared":29,"raw":29,"locations":185},[],{"escaped":187,"rawEcho":188,"locations":189},6,10,[190,192,194,196,198,200,202,204,206,208],{"file":160,"line":13,"context":191},"raw output",{"file":160,"line":193,"context":191},221,{"file":160,"line":195,"context":191},228,{"file":160,"line":197,"context":191},242,{"file":160,"line":199,"context":191},249,{"file":160,"line":201,"context":191},251,{"file":160,"line":203,"context":191},266,{"file":160,"line":205,"context":191},280,{"file":160,"line":207,"context":191},282,{"file":160,"line":209,"context":191},285,[],[],{"summary":213,"deductions":214},"The \"wf-cookie-consent\" plugin version 1.2.0 shows a mixed security posture.  While the static analysis indicates a clean bill of health regarding entry points, dangerous functions, SQL injection, file operations, and external requests, there are notable concerns. The output escaping is only 38% properly done, which is a significant weakness that could lead to cross-site scripting vulnerabilities.  Furthermore, the complete lack of capability checks and nonce checks across all identified entry points (even though there are none currently) is a structural concern that could become a risk if new entry points are added without proper security considerations. The plugin's vulnerability history shows a single medium-severity CVE in 2018, which was related to Cross-site Scripting and is currently patched. This suggests that while historical vulnerabilities have been addressed, the output escaping issue could be a recurring or latent risk.",[215,218,221,223],{"reason":216,"points":217},"Low percentage of properly escaped output",8,{"reason":219,"points":220},"No capability checks on entry points",5,{"reason":222,"points":220},"No nonce checks on entry points",{"reason":224,"points":220},"Past medium severity XSS vulnerability","2026-03-16T17:43:04.010Z",{"wat":227,"direct":233},{"assetPaths":228,"generatorPatterns":230,"scriptPaths":231,"versionParams":232},[229],"\u002Fwp-content\u002Fplugins\u002Fwf-cookie-consent\u002Fjs\u002Fcookiechoices.min.js",[],[229],[],{"cssClasses":234,"htmlComments":235,"htmlAttributes":236,"restEndpoints":237,"jsGlobals":238,"shortcodeOutput":240},[],[],[],[],[239],"window._wfCookieConsentSettings",[]]